From 8187343042e567c59a8cd5fabe1e16116d0fd19c Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@redhat.com>
Date: Wed, 8 Sep 2010 08:56:13 -0400
Subject: [PATCH] Any app that executes service command will not do a getattr
 of all mounted file systems

---
 policy/modules/system/init.if | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/policy/modules/system/init.if b/policy/modules/system/init.if
index c504f341..f28524b4 100644
--- a/policy/modules/system/init.if
+++ b/policy/modules/system/init.if
@@ -945,6 +945,8 @@ interface(`init_labeled_script_domtrans',`
 	')
 
 	typeattribute $1 initrc_transition_domain;
+	# service script searches all filesystems via mountpoint
+	fs_search_all($1)
 	domtrans_pattern($1, $2, initrc_t)
 	files_search_etc($1)
 ')